def run(self):
    # Process entry point: walk every AP in self.option['aplist'], run one
    # Attack per AP, and push a result dict for each AP whose key came back.
    # Python 2 code (print statements, xrange), so the division below is
    # integer division: the total budget in self.time is split evenly over
    # the APs. Raises ZeroDivisionError when 'aplist' is empty.
    # NOTE: the local name `time` shadows the stdlib module of the same name.
    time = int(self.time) / int(len(self.option['aplist']))
    # A wordlist is only generated when no dictionary was supplied in options.
    if self.dict_password:
        pass
    else:
        self.create_brtue_text()
    r = Reader() # Reader class in airodump module
    nets = r.get_sorted_networks()
    for i in xrange(0, len(self.option['aplist'])):
        channel = self.option['aplist'][i]['channel']
        bssid = self.option['aplist'][i]['bssid']
        # Get the essid match the encoding format that AP is broadcast.
        # NOTE(review): `essid` is only bound when a BSSID match is found.
        # With no match on the first AP this raises NameError at the
        # `essid == ''` test below; on later APs it silently reuses the
        # previous AP's essid.
        for k in range(0, len(nets)):
            if nets[k]['bssid'] == bssid:
                essid = nets[k]['essid']
                break
        enc_type = self.option['aplist'][i]['enc_type']
        public_ip = False
        conn_host = False
        if essid == '':
            print '[!!] Can not connect without ESSID'
            continue
        # Kept on self so signal_handler (see __init__) can reach it for cleanup.
        self.apcrack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
        print "[*] ATTACK START"
        self.apcrack.run()
        print "[*] ATTACK END"
        ap_values = self.apcrack.get_value()
        if ap_values['key']: # Found Key
            # retval is never used; the semantics of get_ap_info's first
            # return value are not visible here.
            retval, public_ip, conn_host = network.get_ap_info(essid, channel, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)
            self.result_value = {
                'essid': ap_values['essid'],
                'bssid': ap_values['bssid'],
                'inject_T': ap_values['inject_T'],
                'fake_auth_T': ap_values['fake_auth_T'],
                'arp_req_T': ap_values['arp_req_T'],
                'key': ap_values['key'],
                'public_ip': public_ip,
                'conn_host_info': conn_host
            }
            # self.result is presumably a multiprocessing queue handed in by
            # the parent; the print only shows its repr, not the contents.
            self.result.put(self.result_value)
            print self.result
        # Always tear the attack down before moving to the next AP.
        self.apcrack.stop()
        self.apcrack = None
def run(self):
    # Earlier variant: reads the ESSID straight from 'aplist' instead of
    # looking it up in airodump output, and accumulates results into a
    # string rather than a queue.
    # Python 2 (print/xrange elsewhere in this file): integer division,
    # ZeroDivisionError on an empty 'aplist'. `time` shadows the stdlib module.
    time = int(self.time) / int(len(self.object['aplist']))
    # Unconditionally regenerates the wordlist, even if a dictionary was given.
    self.create_brtue_text()
    for i in xrange(0, len(self.object['aplist'])):
        channel = self.object['aplist'][i]['channel']
        bssid = self.object['aplist'][i]['bssid']
        essid = self.object['aplist'][i]['essid']
        enc_type = self.object['aplist'][i]['enc_type']
        ap_crack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
        public_ip = False
        conn_host = False
        ap_crack.run()
        ap_values = ap_crack.get_value()
        if ap_values['key']:
            # Only collect IP/host details if the interface could actually
            # associate with the recovered key.
            if network.set_new_connection(essid, ap_values['key'], self.iface):
                if self.public_ip_get:
                    public_ip = network.myip()
                if self.conn_host_info:
                    try:
                        conn_host = network.network_host_ip(self.iface)
                    except IOError:
                        # Best-effort: host enumeration failure is not fatal.
                        conn_host = False
            # NOTE(review): `+=` on a str requires self.result_value to already
            # be a str; it is initialised to None in the __init__ variants
            # visible in this file, which would raise TypeError here.
            # The trailing ", " is stripped again after the loop.
            self.result_value += str({'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'], 'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'], 'public_ip': public_ip, 'conn_host_info': conn_host}) + ", "
        ap_crack.stop()
    # Drop the final ", " and close the list; presumably result_value starts
    # as '[' — TODO confirm against the caller.
    self.result_value = str(self.result_value[:-2]) + ']'
def run(self):
    # Intermediate variant: airodump-based ESSID lookup (as in the final
    # version) combined with the string-accumulating result format of the
    # earlier one.
    # Python 2 (print/xrange): integer division, ZeroDivisionError on an
    # empty 'aplist'. `time` shadows the stdlib module.
    time = int(self.time) / int(len(self.object['aplist']))
    if self.dict_password:
        pass
    else:
        self.create_brtue_text()
    r = Reader() # Reader class in airodump module
    nets = r.get_sorted_networks()
    for i in xrange(0, len(self.object['aplist'])):
        channel = self.object['aplist'][i]['channel']
        bssid = self.object['aplist'][i]['bssid']
        # Get the essid match the encoding format that AP is broadcast.
        # NOTE(review): `essid` stays unbound when no BSSID matches (NameError
        # on the first AP, stale value from the previous AP afterwards).
        for k in range(0, len(nets)):
            if nets[k]['bssid'] == bssid:
                essid = nets[k]['essid']
                break
        enc_type = self.object['aplist'][i]['enc_type']
        public_ip = False
        conn_host = False
        if essid == '':
            print '[!!]Can not connect without ESSID'
            continue
        ap_crack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
        ap_crack.run()
        ap_values = ap_crack.get_value()
        if ap_values['key']: # Found Key
            # retval is unused. Note this call passes bssid where the other
            # variants pass channel — the expected argument order is not
            # visible here; verify against network.get_ap_info.
            retval, public_ip, conn_host = network.get_ap_info(essid, bssid, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)
            # NOTE(review): the triple-quoted block below is a bare string
            # expression statement, not a comment. It is evaluated and
            # discarded at runtime; the logic it holds is dead code.
            '''
            print ap_values['key']
            if network.set_new_connection(essid, bssid, ap_values['key'], self.iface, enc_type):
                print 'connect network success'
                if self.public_ip_get:
                    public_ip = network.myip()
                    print 'ip : '+public_ip
                if self.conn_host_info:
                    try:
                        conn_host = network.network_host_ip(self.iface)
                        print 'conn host :'+ conn_host
                    except IOError:
                        conn_host = False
                # Releqse Session
                execute('iw dev '+self.iface+' disconnect')
                execute('ifconfig '+self.iface+' down')
                execute('dhcpcd -k '+ self.iface)
                execute('killall wpa_supplicant')
            else: # if 'set_new_connection' function return false
                print '[!!] Failed to connect to AP '+ essid
            '''
            # NOTE(review): `+=` needs self.result_value to be a str already;
            # the __init__ variants in this file set it to None.
            self.result_value += str({'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'], 'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'], 'public_ip': public_ip, 'conn_host_info': conn_host}) + ", "
        ap_crack.stop()
    # Strip the trailing ", " and close the list literal.
    self.result_value = str(self.result_value[:-2]) + ']'
def run(self):
    # Same logic as the other string-accumulating variant; only the dict
    # literal layout differs.
    # Python 2 (print/xrange elsewhere in this file): integer division,
    # ZeroDivisionError on an empty 'aplist'. `time` shadows the stdlib module.
    time = int(self.time) / int(len(self.object['aplist']))
    # Wordlist is regenerated unconditionally in this variant.
    self.create_brtue_text()
    for i in xrange(0, len(self.object['aplist'])):
        channel = self.object['aplist'][i]['channel']
        bssid = self.object['aplist'][i]['bssid']
        essid = self.object['aplist'][i]['essid']
        enc_type = self.object['aplist'][i]['enc_type']
        ap_crack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
        public_ip = False
        conn_host = False
        ap_crack.run()
        ap_values = ap_crack.get_value()
        if ap_values['key']:
            if network.set_new_connection(essid, ap_values['key'], self.iface):
                if self.public_ip_get:
                    public_ip = network.myip()
                if self.conn_host_info:
                    try:
                        conn_host = network.network_host_ip(self.iface)
                    except IOError:
                        # Best-effort: failure here leaves conn_host False.
                        conn_host = False
            # NOTE(review): `+=` requires self.result_value to be a str; the
            # __init__ variants visible in this file initialise it to None.
            self.result_value += str({
                'essid': ap_values['essid'],
                'bssid': ap_values['bssid'],
                'inject_T': ap_values['inject_T'],
                'fake_auth_T': ap_values['fake_auth_T'],
                'arp_req_T': ap_values['arp_req_T'],
                'key': ap_values['key'],
                'public_ip': public_ip,
                'conn_host_info': conn_host
            }) + ", "
        ap_crack.stop()
    # Drop the trailing ", " and close the list literal.
    self.result_value = str(self.result_value[:-2]) + ']'
def run(self):
    # Process entry point (identical in behaviour to the first variant on
    # this page; only line layout differs): one Attack per AP in
    # self.option['aplist'], results pushed onto self.result.
    # Python 2 (print statements, xrange): integer division, and
    # ZeroDivisionError when 'aplist' is empty. `time` shadows the stdlib module.
    time = int(self.time) / int(len(self.option['aplist']))
    # Generate a wordlist only when no dictionary was supplied.
    if self.dict_password:
        pass
    else:
        self.create_brtue_text()
    r = Reader() # Reader class in airodump module
    nets = r.get_sorted_networks()
    for i in xrange(0, len(self.option['aplist'])):
        channel = self.option['aplist'][i]['channel']
        bssid = self.option['aplist'][i]['bssid']
        # Get the essid match the encoding format that AP is broadcast.
        # NOTE(review): `essid` is only assigned on a BSSID match — NameError
        # on the first AP without a match, stale value on later ones.
        for k in range(0, len(nets)):
            if nets[k]['bssid'] == bssid:
                essid = nets[k]['essid']
                break
        enc_type = self.option['aplist'][i]['enc_type']
        public_ip = False
        conn_host = False
        if essid == '':
            print '[!!] Can not connect without ESSID'
            continue
        # Held on self so the SIGTERM handler installed in __init__ can stop it.
        self.apcrack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
        print "[*] ATTACK START"
        self.apcrack.run()
        print "[*] ATTACK END"
        ap_values = self.apcrack.get_value()
        if ap_values['key']: # Found Key
            # retval is never used.
            retval, public_ip, conn_host = network.get_ap_info(essid, channel, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)
            self.result_value = {'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'], 'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'], 'public_ip': public_ip, 'conn_host_info': conn_host}
            # self.result is presumably a queue from the parent process; the
            # print shows only its repr.
            self.result.put(self.result_value)
            print self.result
        # Always tear the attack down before the next AP.
        self.apcrack.stop()
        self.apcrack = None
class _auto_pentest(Process):
    # Worker process that iterates over the configured APs and reports one
    # result dict per AP on the `result` queue. Configuration comes entirely
    # from the `option` mapping; see __init__ for the keys read.

    def __init__(self, iface, option, result):
        # iface:  wireless interface name used by Attack / network helpers.
        # option: mapping of settings (keys listed below); 'timeout' is
        #         interpreted in minutes and stored here in seconds.
        # result: presumably a multiprocessing queue — run() calls .put() on it.
        self.option = option
        super(_auto_pentest, self).__init__()
        self.time = int(self.option['timeout']) * 60
        self.iface = iface
        self.conn_host_info = self.option['conn_host_info']
        self.public_ip_get = self.option['public_ip_info']
        self.brute_min_len = self.option['bruteforce_minlength']
        self.brute_max_len = self.option['bruteforce_maxlength']
        self.brute_number = self.option['bruteforce_number']
        self.brute_space = self.option['bruteforce_space']
        self.brute_special = self.option['bruteforce_special']
        self.brute_string = self.option['bruteforce_strings']
        self.dict_password = self.option['dictionary_password']
        self.dict_user = self.option['dictionary_user']
        self.result_value = None
        self.result = result
        self.apcrack = None
        # NOTE(review): this runs in the process that constructs the object,
        # i.e. the parent, not the child that later executes run(); whether
        # the handler is inherited by the child depends on the start method.
        signal.signal(signal.SIGTERM, signal_handler)
        # Module-level handle so signal_handler can reach self.apcrack.
        global G_PEN
        G_PEN = self

    def run(self):
        # Python 2 (print statements, xrange): integer division; raises
        # ZeroDivisionError on an empty 'aplist'. `time` shadows the stdlib module.
        time = int(self.time) / int(len(self.option['aplist']))
        # Only build a wordlist when no dictionary was supplied.
        if self.dict_password:
            pass
        else:
            self.create_brtue_text()
        r = Reader() # Reader class in airodump module
        nets = r.get_sorted_networks()
        for i in xrange(0, len(self.option['aplist'])):
            channel = self.option['aplist'][i]['channel']
            bssid = self.option['aplist'][i]['bssid']
            # Get the essid match the encoding format that AP is broadcast.
            # NOTE(review): `essid` is only bound on a BSSID match — NameError
            # on the first AP without one, stale value from the previous AP
            # afterwards.
            for k in range(0, len(nets)):
                if nets[k]['bssid'] == bssid:
                    essid = nets[k]['essid']
                    break
            enc_type = self.option['aplist'][i]['enc_type']
            public_ip = False
            conn_host = False
            if essid == '':
                print '[!!] Can not connect without ESSID'
                continue
            # Stored on self so the SIGTERM handler can stop it via G_PEN.
            self.apcrack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
            print "[*] ATTACK START"
            self.apcrack.run()
            print "[*] ATTACK END"
            ap_values = self.apcrack.get_value()
            if ap_values['key']: # Found Key
                # retval is never used.
                retval, public_ip, conn_host = network.get_ap_info(essid, channel, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)
                self.result_value = {
                    'essid': ap_values['essid'],
                    'bssid': ap_values['bssid'],
                    'inject_T': ap_values['inject_T'],
                    'fake_auth_T': ap_values['fake_auth_T'],
                    'arp_req_T': ap_values['arp_req_T'],
                    'key': ap_values['key'],
                    'public_ip': public_ip,
                    'conn_host_info': conn_host
                }
                # The print shows only the queue's repr, not its contents.
                self.result.put(self.result_value)
                print self.result
            # Always tear the attack down before moving on.
            self.apcrack.stop()
            self.apcrack = None

    def create_brtue_text(self):
        # Write the generated candidate list to the fixed relative path
        # ./dict/password.lst, one entry per line. The path is relative to
        # the current working directory, so it depends on where the tool is
        # launched from.
        text = brute_force.brute_text_create(
            min_length=int(self.brute_min_len),
            max_length=int(self.brute_max_len),
            letters=bool(self.brute_string),
            numbers=bool(self.brute_number),
            symbols=bool(self.brute_special),
            spaces=bool(self.brute_space))
        # NOTE(review): not opened with `with`, so an exception during the
        # write loop leaves the handle open.
        f = open('./dict/password.lst', 'w')
        for t in text: # Performance improvement needs.
            f.write(t + '\n')
        f.close()
class _auto_pentest(Process):
    # Duplicate of the class above with different line layout; behaviour is
    # the same. Worker process that runs one Attack per configured AP and
    # reports a result dict per AP on the `result` queue.

    def __init__(self, iface, option, result):
        # iface:  wireless interface name.
        # option: settings mapping; 'timeout' is in minutes, stored in seconds.
        # result: presumably a multiprocessing queue — run() calls .put().
        self.option = option
        super(_auto_pentest, self).__init__()
        self.time = int(self.option['timeout']) * 60
        self.iface = iface
        self.conn_host_info = self.option['conn_host_info']
        self.public_ip_get = self.option['public_ip_info']
        self.brute_min_len = self.option['bruteforce_minlength']
        self.brute_max_len = self.option['bruteforce_maxlength']
        self.brute_number = self.option['bruteforce_number']
        self.brute_space = self.option['bruteforce_space']
        self.brute_special = self.option['bruteforce_special']
        self.brute_string = self.option['bruteforce_strings']
        self.dict_password = self.option['dictionary_password']
        self.dict_user = self.option['dictionary_user']
        self.result_value = None
        self.result = result
        self.apcrack = None
        # NOTE(review): installed in the constructing (parent) process, not in
        # the child that runs run(); inheritance depends on the start method.
        signal.signal(signal.SIGTERM, signal_handler)
        # Module-level handle for signal_handler to reach self.apcrack.
        global G_PEN
        G_PEN = self

    def run(self):
        # Python 2 (print statements, xrange): integer division; raises
        # ZeroDivisionError on an empty 'aplist'. `time` shadows the stdlib module.
        time = int(self.time) / int(len(self.option['aplist']))
        if self.dict_password:
            pass
        else:
            self.create_brtue_text()
        r = Reader() # Reader class in airodump module
        nets = r.get_sorted_networks()
        for i in xrange(0, len(self.option['aplist'])):
            channel = self.option['aplist'][i]['channel']
            bssid = self.option['aplist'][i]['bssid']
            # Get the essid match the encoding format that AP is broadcast.
            # NOTE(review): `essid` is only bound on a BSSID match — NameError
            # on the first AP without one, stale value afterwards.
            for k in range(0, len(nets)):
                if nets[k]['bssid'] == bssid:
                    essid = nets[k]['essid']
                    break
            enc_type = self.option['aplist'][i]['enc_type']
            public_ip = False
            conn_host = False
            if essid == '':
                print '[!!] Can not connect without ESSID'
                continue
            # Stored on self so the SIGTERM handler can stop it via G_PEN.
            self.apcrack = Attack(self.iface, channel, bssid, essid, enc_type, timeout=time)
            print "[*] ATTACK START"
            self.apcrack.run()
            print "[*] ATTACK END"
            ap_values = self.apcrack.get_value()
            if ap_values['key']: # Found Key
                # retval is never used.
                retval, public_ip, conn_host = network.get_ap_info(essid, channel, enc_type, ap_values['key'], self.iface, self.public_ip_get, self.conn_host_info)
                self.result_value = {'essid': ap_values['essid'], 'bssid': ap_values['bssid'], 'inject_T': ap_values['inject_T'], 'fake_auth_T': ap_values['fake_auth_T'], 'arp_req_T': ap_values['arp_req_T'], 'key': ap_values['key'], 'public_ip': public_ip, 'conn_host_info': conn_host}
                # The print shows only the queue's repr.
                self.result.put(self.result_value)
                print self.result
            # Always tear the attack down before the next AP.
            self.apcrack.stop()
            self.apcrack = None

    def create_brtue_text(self):
        # Write the generated candidate list to the fixed relative path
        # ./dict/password.lst (relative to the current working directory),
        # one entry per line.
        text = brute_force.brute_text_create(min_length=int(self.brute_min_len), max_length=int(self.brute_max_len), letters=bool(self.brute_string), numbers=bool(self.brute_number), symbols=bool(self.brute_special), spaces=bool(self.brute_space))
        # NOTE(review): no `with`; an exception in the loop leaves the file open.
        f = open('./dict/password.lst', 'w')
        for t in text: # Performance improvement needs.
            f.write(t + '\n')
        f.close()